IN THE CLAIMS:





Please amend claims 1, 9, 11, 14, and 18 as follows:



1. (Currently Amended) A system comprising: 

a plurality of certificate authorities (CAs) in which each CA
maintains and distributes digital certificates revoked by itself in the
form of a certificate revocation list (CRL), and different CAs may use
different CRL distribution mechanic

a plurality of CRL databases for storing the consolidated CRLs
from multiple CRL retrieval agents and/or the replications of CRLs, the
CRL databases storing at least one individually identifiable revoked
digital certificate; and

a CRL access user interface for providing a uniform set of APIs
for [user's] users accessing the CRLs in the CRL database, said system
enabling consolidation and access of the certificate revocation [list]
lists [(CRL)] (CRLs) from the plurality of certificate authorities
(CAs).

2. (Original) A system according to claim 1, wherein
said plurality of CRL databases include a central CRL database and a
plurality of CRL replication databases, said central CRL database for
storing the consolidated CRLs from the multiple CRL retrieval agents,
and said plurality of CRL replication databases for storing the
replications of the CRLs of the central CRL database.

3. (Original) A system according to claim 1, wherein
said plurality of CRL retrieval agents include a LDAP/CRL retrieval
agent, for periodically retrieving CRLs from specified LDAP servers
and updating the CRL databases.

4. (Original) A system according to claim 1, wherein
said plurality of CRL retrieval agents include a HTTP/CRL retrieval
agent, for periodically retrieving CRLs from specified HTTP servers
and updating the CRL database.

5. (Original) A system according to claim 1, wherein
said plurality of CRL retrieval agents include a RFC1424/CRL
retrieval agents, for periodically sending RFC1424/CRL retrieval
request and receiving CRL retrieval reply.

6. (Original) A system according to claim 1, wherein
said plurality of CRL retrieval agents include a Http retrieval agent
triggered by a HTTP request, said Http receiver agent verifies an
authorization of the requester, if successful, said agent stores each
transmitted CRL in the CRL databases.

7. (Original) A system according to claim 1, wherein
said plurality of CRL retrieval agents further verifies the integrity
and the authenticity of the retrieved CRLs.

8. (Original) A system according to claim 1, wherein a 
particular replication architecture is used among said plurality of 
CRL databases in order to maintain database consistency. 

9. (Currently Amended) A system according to claim 2,
wherein a [sub] hub-and-spoke replication architecture is used among
said central CRL database and said plurality of CRL replication
databases.

10. (Original) A system according to claim 1, wherein
said system is also adapted for consolidating and accessing at least
one kind of black list.

11. (Currently Amended) In a secure network
implemented by digital certificates, a method for certificate
revocation list (CRL) consolidation and access, wherein a plurality
of certificate authorities (CAs) maintain and distribute the digital
certificates revoked by themselves in the form of CRLs, and different
CAs may use different CRL distribution mechanisms, said method
comprising the steps of:

creating a plurality of CRL retrieval agents based on the CRL
distribution mechanisms of CAs, for consolidating the CRLs from
multiple CAs;

storing the consolidated CRLs from multiple CRL retrieval
agents or the replications of CRLs into a plurality of CRL databases,
the consolidated CRLs including at least one individually
identifiable revoked digital certificate; and

accessing the CRLs from the CRL databases by a uniform set of
APIs.

12. (Original) A method according to claim 11, said
plurality of CRL databases include a central CRL database and a
plurality of CRL replication databases, said central CRL database for
storing the consolidated CRLs from multiple CRL retrieval agents and
said plurality of CRL replication database for storing the
replications of the CRLs of the central database.

13. (Original) A method according to claim 11, wherein
said method is also adapted for consolidation and accessing all kinds
of black lists.

14. (Currently Amended) An article of manufacture
comprising a computer usable medium having computer readable program
code means embodied therein for causing certificate revocation list
(CRL) consolidation and access [,], the computer readable program code
means in said article of manufacture comprising computer readable
program code means for causing a computer to effect the steps of
claim 11.

15. (Original) A computer program product comprising a
computer usable medium having computer readable program code means
embodied therein for causing certificate revocation list (CRL)
consolidation and access, the computer readable program code means in
said computer program product comprising computer readable program
code means for causing a computer to effect the steps of claim 11.

16. (Original) A program storage device readable by
machine, tangibly embodying a program of instructions executable by
the machine to perform method steps for certificate revocation list
(CRL) consolidation and access, said method steps comprising the
steps of claim 11.

18. (Currently Amended) A method comprising:

employing a secure network implemented by digital certificates
for certificate revocation list (CRL) consolidation and access, with
a plurality of certificate authorities (CAs) maintaining and
distributing the digital certificates revoked by themselves in the
form of CRLs, wherein different CAs may use different CRL
distribution mechanisms, including the steps of:

creating a plurality of CRL retrieval agents based on the CRL
distribution mechanisms of CAs, for consolidating the CRLs from
multiple CAs;

storing the consolidated CRLs from multiple CRL retrieval
agents or the replications of CRLs into a plurality of CRL databases,
the consolidated CRLs including at least one individually
identifiable revoked digital certificate; and

accessing the CRLs from the CRL databases by a uniform set of
APIs.

19. (Original) A program storage device readable by
machine, tangibly embodying a program of instructions executable by
the machine to perform method steps for certificate revocation list
(CRL) consolidation and access, said method steps comprising the
steps of claim 18.

20. (Original) An article of manufacture comprising a
computer usable medium having computer readable program code means
embodied therein for causing certificate revocation list (CRL)
consolidation and access, the computer readable program code means in
said article of manufacture comprising computer readable program code
means for causing a computer to effect the steps of claim 18.

21. (Original) A computer program product comprising a
computer usable medium having computer readable program code means
embodied therein for causing certificate revocation list (CRL)
consolidation and access, the computer readable program code means in
said computer program product comprising computer readable program
code means for causing a computer to effect the steps of claim 18.